...

View Full Version : updating topic views in a forum



jzo
11-21-2011, 01:34 AM
So I have in the making my own little forum, not for any live use as of now but at some point it will be so if you see any mysql security holes dont mind them because chances are they are in my notes.

so here is the code:




<?php
include_once("connect.php");
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sqlquery = "SELECT * FROM topics WHERE category_id='" . $cid . "' AND id='" . $tid . "'";
$result = mysql_query($sqlquery) or die(mysql_error());
if (mysql_num_rows($result) == 1)
{
$tviews = $row['views'];
$tviews = $views ++;
mysql_query( "UPDATE topics SET topic_views = " . $tviews . " WHERE category_id='" . $cid . "' AND id='" . $tid . "'");

//echo ("<table width='100%'>");
if ($_SESSION['uid'])
{
echo ("<tr><td colspan='2'><input type='submit' value='Reply' onClick=\"window.location= 'post_reply.php?cid=" . $cid . "&tid" . $tid . "'\" />");
}else
{
echo ("<tr><td colspan='2'><p> Please Log in to post Replies.</p><hr />");
}
while ($row= mysql_fetch_assoc($result))
{
$sqlquery2 = "SELECT * FROM posts WHERE category_id='" . $cid . "'AND topic_id='" . $tid . "'";
$result2 = mysql_query($sqlquery2) or die(mysql_error());
while ($rows2 = mysql_fetch_assoc($result2))
{
echo ("<tr><td valign='top' style='border: 0px solid: #000000;'><div style='min-height: 125px;'>" . $row['topic_title'] . " <br /> by " . $rows2['post_creator'] . " - " . $rows2['post_date'] . "<hr />" . $rows2['post_content'] . "</div></tr><tr><td colspan='2'><hr /></td></tr>");
}
}

}
else{
echo "<p>This Topic Does Not Exist.</p>";
}
?>



Now if you look at the section towards the top where the lines


<?php
$tviews = $row['views'];
$tviews = $views ++;
mysql_query( "UPDATE topics SET topic_views = " . $tviews . " WHERE category_id='" . $cid . "' AND id='" . $tid . "'");
?>


appear, you can see that id like to update the views when a user views the topic. now this code i have took it from 0 to 1 but it wont go from 1 to 2 and so on. I know this is something simple but my brain is fried at this point so I just need some fresh eyes i think. thanks in advance

Adee
11-21-2011, 02:25 AM
can't you just do like..

say you're on yoursite.com/forum/index.php?id=10

and say


$topic = mysql_escape_string($_GET['id']);
$query = "UPDATE topics SET views = views+1 WHERE id = '$topic'";
mysql_query($query);

jzo
11-21-2011, 02:32 AM
looks like it makes sense to me... ill try it out and get back to you. Thanks

jzo
11-21-2011, 02:47 AM
no dice... i must be putting it in the wrong section of my code but i dont know where else to put it.... ill keep on my trial and error.

jzo
11-21-2011, 03:17 AM
can't you just do like..

say you're on yoursite.com/forum/index.php?id=10

and say


$topic = mysql_escape_string($_GET['id']);
$query = "UPDATE topics SET views = views+1 WHERE id = '$topic'";
mysql_query($query);


you def helped me but instead of using solely your code i mixed them:



<?php
mysql_query( "UPDATE topics SET topic_views = topic_views + 1 WHERE category_id='" . $cid . "' AND id='" . $tid . "'");
?>


thats it, works like a charm.

thanks for the brainstorm



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum